On my blog: Real Life in Star Trek, The Best of Both Worlds, Part One https://john.colagioia.net/blog/2023/10/26/both-worlds-1.html #scifi #startrek #closereading
5 tips for making your GitHub profile page accessible
Your profile’s README invites the world to know you and your work, so it’s important that everyone can read and understand it. In this post, we share some tips for making your README more accessible.
The post 5 tips for making your GitHub profile page accessible appeared first on The GitHub Blog. ⌘ Read more
Cybersecurity spotlight on bug bounty researcher @Ammar Askar
We’re excited to highlight another top contributing researcher to GitHub’s Bug Bounty Program—@Ammar Askar!
The post Cybersecurity spotlight on bug bounty researcher @Ammar Askar appeared first on The GitHub Blog. ⌘ Read more
Highlights from DockerCon 2023: New Docker Local, Cloud, and AI/ML Innovations
DockerCon 2023 celebrated 10 years of Docker. We round up event announcements, including Docker Scout for the software supply chain, Docker Build, Debug, Docker AI, GenAI stack, OpenPubkey, a Udemy partnership, and more. Videos are available on-demand now on the DockerCon site and will be added to YouTube in the coming weeks. ⌘ Read more
お知らせ:JPCERT/CC Eyes「フィッシングサイト経由の認証情報窃取とドメイン名ハイジャック事件」 ⌘ Read more
JMP: CertWatch
As you may have already seen, on October 21st, it was reported that a long-running, successful MITM (Machine-In-The-Middle) attack against jabber.ru had been detected. The nature of this attack was not specific to the XMPP protocol in any way, but it was of special interest to us as members of the XMPP community. This kind of attack relies on being able to present a TLS certificate which anyone trying to connect will accept as valid. In this case, it was done b … ⌘ Read more
How to gain insight into your project contributors
We’re excited to share with you the contributors Action! At GitHub, we maintain several open source repositories and have developed this Action to empower maintainers to measure how many new and returning contributors and contributions have occurred over any given time period.
The post How to gain insight into your project contributors appeared first … ⌘ Read more
On my blog: Developer Diary, Emmanuel de Grouchy https://john.colagioia.net/blog/2023/10/23/grouchy.html #programming #project #devjournal
Лето в «айтиобщаге»
Этим летом Яндекс открыл «айтиобщагу». В ней жили ребята, которые приехали на стажировку в наши московские офисы из других регионов. «Айтиобщага» приняла первых стажёров в начале июля и проработала до конца сентября. Окончание сезона летних стажировок — хороший повод ещё раз вспомнить, как всё было.
С чего всё началось
Самый стажёрский сезон в Яндексе — лето, когда у студентов каникулы, а самый стажёрский город — Москва. Стажировки идут и в других городах, например в Питере, Екатеринбурге или Новосибир … ⌘ Read more
The next big social network is just the Web ?~L~X https://notiz.blog/b/6k2
Fun fact: Since I started tracking my train journeys in mid-May, I’ve already spent almost 7 whole days on trains. 🚄 ⌘ Read more
I acquired a new, fancy domain for a new side project. A site with tips on how to save money on purchases is something I would like to start. The search for a CMS reminds me of why I built GoBlog: all available options are not optimal. But GoBlog also isn’t optimal for this project for various reasons, as it shouldn’t be a typical personal blog. And now I have this really cool domain and question my plans. 😅 ⌘ Read more
Snikket: On the jabber.ru MITM attack
This post is about a recent security incident on a public XMPP service, which
provides jabber.ru and xmpp.ru. We have received a few questions from Snikket
users about whether they should be concerned about the security of their own
servers (Snikket also uses XMPP).
The good news is that Snikket was not affected by this incident - this was a
targeted attack against the jabber.ru/xmpp.ru service specifically. Later in
the post we’ll share more information about what we’ve done, and … ⌘ Read more
On my blog: Free Culture Book Club — Sugar the Robot, part 2 https://john.colagioia.net/blog/2023/10/21/roboteers-2.html #freeculture #bookclub
On my blog: Toots 🦣 from 10/16 to 10/20 https://john.colagioia.net/blog/2023/10/20/week.html #linkdump #mastodon #socialmedia #week
Docker State of Application Development Survey 2023: Share Your Thoughts on Development
Participate in the Docker State of Application Development Survey 2023 to help us better understand and serve the developer community. We want to know where developers are focused, what they’re working on, and what is most important to them. Your participation and input will help us build the best products and experiences for you. ⌘ Read more
logs/blog: words pointing to the sharp blade of practice; garden/food: new recipes
On my blog: Real Life in Star Trek, Transfigurations https://john.colagioia.net/blog/2023/10/19/transfigurations.html #scifi #startrek #closereading
ICYMI: improved C++ vulnerability coverage and CodeQL support for Lombok
The effectiveness of a static application security solution hinges on its ability to provide extensive vulnerability coverage and support for a wide range of languages and frameworks. Today, we’re highlighting two releases that’ll help you discover more vulnerabilities in your codebase, so you can ship more secure software.
The post [ICYMI: improved C++ vulnerability coverage and CodeQL support … ⌘ Read more
ProcessOne: ejabberd 23.10
A new ejabberd release, ejabberd 23.10, is now published with more than 150 commits since the previous 23.04. It includes many new features and improvements, and also many more bugfixes.
- Support for XEP-0402: PEP Native Bookmarks
- Support for XEP-0421: Occupant Id
- Many new options and features
A more detailed explanation of improvements and features:
Added support for XEP-0402: PEP Native Bookmarks[XEP-0402 … ⌘ Read more
Erlang Solutions: Erlang Security Audit
Unlock the Power of Secure Erlang CodeCybersecurity is a non-negotiable aspect of business. The need for robust protection extends to all aspects of your operations, including the security of your Erlang-based code.
At Erlang Solutions, we recognise the vital importance of safeguarding your code from potential vulnerabilities and security threats. We are thrilled to introduce our latest offering – the … ⌘ Read more
Erlang Solutions: MongooseIM Health-Check
Optimise Your Current Deployment with a MongooseIM Health CheckMongooseIM plays a key role in today’s evolving digital landscape. For businesses, it ensures seamless communication within your organisation or application. However, like any other system, it requires regular check-ups to maintain peak performance.
Enter the MongooseIM Health Check from our team at Erlang Solutions – your ticket to a more efficient messaging environment.
**What is a Mo … ⌘ Read moreYour curated GitHub Universe agenda: AI, ethics, and productivity
Gain actionable insights about the intersection of AI and human skills, while tackling ethics, accessibility, and productivity at these GitHub Universe sessions.
The post Your curated GitHub Universe agenda: AI, ethics, and productivity appeared first on The GitHub Blog. ⌘ Read more
The clock is ticking: Atlassian’s support for Bitbucket Server ends on February 15, 2024
Atlassian is ending support for its Server products—including Bitbucket Server—in February 2024. In this post, you’ll learn what that means for you, your options, and how you can move to GitHub.
The post [The clock is ticking: Atlassian’s support for Bitbucket Server ends on February 15, 2024](https://github.blog/2023-10-17-the-clock-is-ticking-atlassians-support … ⌘ Read more
Hello WordPress ?~L~X https://notiz.blog/p/6jp
Getting RCE in Chrome with incomplete object initialization in the Maglev compiler
In this post, I’ll exploit CVE-2023-4069, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
The post [Getting RCE in Chrome with incomplete object initialization in the Maglev compiler](https://github.blog/2023-10-17-getting-rce-in-chrome-with-incomplete-object-initialization-in-the- … ⌘ Read more
Update Tailscale on the GL.iNet Beryl AX (GL-MT3000)
I’ve been toying with my recently received GL.iNet Beryl AX (GL-MT3000) for some days and I have to say, it’s wonderful! It provides all the features I need in combination with my 5G router (like support for IPv6). I was also able to set up a VPN connection using Wireguard to the other home that will keep a wire-based internet connection with a public (but changing) IPv4 address. As it also works perfectly fine with an LTE stick or mobile tethering, I’m quite tempte … ⌘ Read more
Measuring Git performance with OpenTelemetry
Use our new open source Trace2 receiver component and OpenTelemetry to capture and visualize telemetry from your Git commands.
The post Measuring Git performance with OpenTelemetry appeared first on The GitHub Blog. ⌘ Read more
On my blog: Developer Diary, World Food Day https://john.colagioia.net/blog/2023/10/16/food.html #programming #project #devjournal
On my blog: Free Culture Book Club — Sugar the Robot, part 1 https://john.colagioia.net/blog/2023/10/14/roboteers-1.html #freeculture #bookclub
On my blog: Toots 🦣 from 10/09 to 10/13 https://john.colagioia.net/blog/2023/10/13/week.html #linkdump #mastodon #socialmedia #week
Signing Docker Official Images Using OpenPubkey
Learn about the updated Docker Official Images (DOI) signing strategy and how OpenPubkey can be leveraged to smooth the flow and decrease the number of third-party entities the verifier is required to trust. ⌘ Read more
Sam Whited: Co-Op Ideas
This is a list of co-ops I’d like to start one day and where (if applicable).
DIY Bike Kitchen (Cobb County, GA)There is a DIY bike shop, Sopo Bike Co-op in Atlanta, but Cobb has
historically been very transit-averse and it’s hard to get into Atlanta by
bike if you need to get it worked on. Having something local to Cobb could
encourage biking and start to change attitudes to biking on the local city
councils and among the county commissioners.Traditional bik … ⌘ Read more
js13kGames 2023 winners 🏆
The twelfth annual js13kGames coding competition, challenging participants to create games in 13kB or less of JavaScript in a month, just wrapped up. This post highlights the top thirteen entries.
The post js13kGames 2023 winners 🏆 appeared first on The GitHub Blog. ⌘ Read more
On my blog: Real Life in Star Trek, Ménage à Troi https://john.colagioia.net/blog/2023/10/12/menage-troi.html #scifi #startrek #closereading
No hello
Thanks to Tim Hårek Andreassen, I finally have a link I can send my coworkers whenever they send me a “Hi”, “Do you have some time?”, “Can I call you?” instead of asking their question right away or even just mentioning the topic. And there’s also a German version, great! ⌘ Read more
Erlang Solutions: tryMongooseIM: MongooseIM is now easier than ever!
Have you ever found yourself in a situation where you wanted to check the capabilities of MongooseIM, but you were overwhelmed by the sheer amount of configuration of the service itself, or how to deploy it easily?
Imagine you are working on a project and one of the tasks is to evaluate XMPP servers.
You do some res … ⌘ Read more
Ensuring the next generation of open source leaders are truly “all in”
If you are a student from a U.S. minority-serving institution looking to start your journey into open source, join us!
The post Ensuring the next generation of open source leaders are truly “all in” appeared first on The GitHub Blog. ⌘ Read more
Getting Started with JupyterLab as a Docker Extension
JupyterLab is a web-based interactive development environment (IDE) that allows users to create and share documents that contain live code, equations, visualizations, and narrative text. It is the latest evolution of the popular Jupyter Notebook and offers several advantages over its predecessor. We provide an overview the JupyterLab architecture and explain how to start using JupyterLab as a Docker extension. ⌘ Read more
Long term career thoughts
When I read this article by Herman Martinus, creator of Bear Blog and some other projects, about how he stays motivated as a solo creator, it triggered some thoughts about my own career. ⌘ Read more
GitHub Availability Report: September 2023
In September, we experienced two incidents that resulted in degraded performance across GitHub services.
The post GitHub Availability Report: September 2023 appeared first on The GitHub Blog. ⌘ Read more
Enforcing code reliability by requiring workflows with GitHub Repository Rules
GitHub Enterprise Cloud customers can now ensure controlled workflows run and pass before code is merged into any of its repositories.
The post Enforcing code reliability by requiring workflows with GitHub Repository Rules appeared first on [The GitHub Blog](https://g … ⌘ Read more
Research: Quantifying GitHub Copilot’s impact on code quality
Findings show that code quality is better across the board and developers felt more confident, too.
The post Research: Quantifying GitHub Copilot’s impact on code quality appeared first on The GitHub Blog. ⌘ Read more
Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641)
CVE-2023-43641 is a vulnerability in libcue, which can lead to code execution by downloading a file on GNOME.
The post Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641) appeared first on The GitHub Blog. ⌘ Read more
Prompting GitHub Copilot Chat to become your personal AI assistant for accessibility
GitHub Copilot Chat can help you learn about accessibility and improve the accessibility of your code. In this blog, we share a sample foundational prompt that instructs GitHub Copilot Chat to become your personal AI assistant for accessibility.
The post [Prompting GitHub Copilot Chat to become your personal AI assistant for accessibility](https://github.blog/2023-10- … ⌘ Read more
Skilling African developers through All In Africa
All In Africa is a gateway to growth, learning, and meaningful connections within the African open source ecosystem and beyond.
The post Skilling African developers through All In Africa appeared first on The GitHub Blog. ⌘ Read more
On my blog: Developer Diary, Hangul Day https://john.colagioia.net/blog/2023/10/09/hangul.html #programming #project #devjournal
5G chaos in my head
One of the reasons I like blogging is that it sometimes helps me organize my thoughts. There’s a lot of chaos in my head before I write them down, and after, my head is sometimes calm. ⌘ Read more
On my blog: Free Culture Book Club — ½ https://john.colagioia.net/blog/2023/10/07/half.html #freeculture #bookclub
On my blog: Toots 🦣 from 10/02 to 10/06 https://john.colagioia.net/blog/2023/10/06/week.html #linkdump #mastodon #socialmedia #week